Browsing All Posts filed under »Cybercrime«

A New Hope…

December 24, 2013 by

0

Dave Aitel has graciously allowed us to run his commentaries before – see Hackers May Help Choose The Next US President and Aitel On Cyberwar. Dave is the founder and Chief [Security|technology|executive][1] Officer of Immunity, Inc, and runs the Daily Dave mailing list, where this article was originally published. It is re-published here with his kind permission. So […]

Banning Feds From DefCon Is Self Defeating. Here’s Why.

July 11, 2013 by

12

If you’re not familiar with DefCon, the hacker confab that has been meeting in Vegas for more than 20 years, you’re not paying attention to hacking. DefCon (and the accompanying conferences like BlackHat and BSides) makes Vegas the nerdiest place in the universe during July. You don’t want to use an ATM, connect to a […]

Big Ears, Little Ears: One article, three layers of blown secrecy, and how Edward Snowden proves my point

June 18, 2013 by

3

Today’s guest post is from Eric Olson, author of the Digital Water blog and a previous contributor to PLI. Well, I haven’t had much time to write here for quite a while, but the Edward Snowden affair – and more specifically this piece in the Guardian – were such a terrific display of the Digital […]

Strikeback! Commission on IP Theft Report Gets All Ronin On China

May 23, 2013 by

0

A bipartisan group that studies the effects and impacts of IP theft in the US, The Commission on the Theft of American Intellectual Property, has released a report outlining their findings on the scope of the issue and making policy recommendations to combat it. The most interesting proposal among several: strikeback to re-capture stolen IP […]

We Don’t Got Your Back. We Got Your Money.

February 4, 2013 by

6

“We deal in deception here. What we do not deal with is self-deception.” - The Departed, written by William Monahan, Alan Mak and Felix Chong FADE IN. EXT. DAY. A WHEAT FIELD. BEES AND BUTTERFLIES FLUTTER. WE ZOOM IN ON A WOMAN IN A BUSINESS SUIT, HOLDING A TABLET COMPUTER. WOMAN: I used to worry […]

Onity Hotel-Room Lock-Hacking Triviality Becomes an Issue In Texas

November 28, 2012 by

1

Last July at the Black Hat conference, security researcher Cody Brocious gave a well-attended and much-discussed presentation in which he responsibly, totally reasonably and helpfully demonstrated the complete fail that is the Onity hotel door lock system. Now, I have skin in this game – I stay in hotels. A lot. So much so that, […]

Creating A Law Enforcement Farm Team: A Rozzer Back-Bench

November 5, 2012 by

0

In law enforcement, there are two factions: sworn or non-sworn, and for many things (with the notable exception of crime and intelligence analysis) never the twain shall meet. This is as much about cops as it is about human nature, and I’m not trying to change it. But I’ve noticed that, in things like arrest […]

II: Reports You Need To Read Now

October 24, 2012 by

3

Three reports you should be aware of – and not just because Dave and I are so busy with warrant work that we’ve had no time to do anything except point to the analysis of others – are covered in this report, and all are worth reading. The first big report, which we were in […]

Cybercrime Statistics: What Are The Chinese Counting?

July 30, 2012 by

4

Over the weekend I read a piece in the US version of China Daily on some of the cyber crime issues being faced by China. The article reveals some interesting statistics about what China considers to be cyber crime. Apparently, in addition to traditional cyber criminal targets such as account details and personal information, the Chinese […]

Cyber-Criminal OPSEC – a Three-Part Series. Part III: TTTP

June 15, 2012 by

6

In Part I of this three-part series, we discussed the most basic of attribution methods, IP address analysis. In Part II, we talked about computer environmentals, and how it’s possible to build a device fingerprint based on what the user presents when they show up to a web server and ask for something and how […]

Cyber-Criminal OPSEC – a Three-Part Series. Part II: Environmentals

June 12, 2012 by

3

In Part I of this three-part series, we discussed the most basic of attribution methods, IP address analysis. In Part II, we talk about computer environmentals, and building a device fingerprint. And in Part III, we talk about tools, techniques, tactics and procedures used by cyber criminals. One of the things that mystifies us most […]

Cyber-Criminal OPSEC – a Three-Part Series. Part I: IP Addresses

June 11, 2012 by

5

This is Part I of a Three-Part Series on Cyber-criminal Operational Security. Part II is here. Part III is here. Recently, when speaking of a cyber case, I said that if your criminals have got an IQ of 101 or greater, and if they’re not pathologically lazy, they’re going to anonymize their traffic to the […]

II: Conceptual Issues for Congress and LE on Cybercrime

June 5, 2012 by

3

I’m at a conference in Philadelphia today on Organized Retail Crime (an area I’m becoming increasingly passionate about) but I wanted to mention the publication by the Congressional News Service of an important document on cybercrime. And I’m not just saying it’s important because it echoes stuff we’ve said here for the last year! Cybercrime: […]

BigEye: Meta’s Superb Daily OSINT Roundup

June 1, 2012 by

2

There are lots of great compendia of OSINT out there for law enforcement, some of which we’ve mentioned in these pages before.  One outstanding publication which has been around since 2006 is BigEye News Compilation, a free service from Meta Enterprises, LLC. Some of my favorite daily OSINT reads include the Daily Open Source Critical Infrastructure Report […]

Follow

Get every new post delivered to your Inbox.

Join 849 other followers